Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Remote Integrity Verification

Trusted Platform Module (TPM) 1.2 is supported on MX240, MX480, MX960, MX2008, MX2010, and MX2020 with RE-S-X6-128G-S. TPM is a chip used to identify a device on the network and the evidence of the integrity of software loaded on that device when it boots up. One of the features of the TPM is to measure various software components during device boot. The data is stored as a cryptographic hash in the TPM's Platform Configuration Registers (PCR). You can use PCR as proof of the integrity of the MX Series devices software version. The chip includes multiple physical security mechanisms to make it tamper resistant and the malicious software cannot tamper the security functions of the TPM.

Remote Integrity Verification (RIV) defines set of protocols and procedures to determinine if a particular device is launched with untampered software version. The roles involved in RIV process are Attester and Verifier.

The Attester provides evidence of identity and software state to the Verifier on demand. The Verifier verifies the evidence and makes a judgment about the integrity of the software image running on the Attester.

Benefits

  • Provides the integrity of the host platform and ensures that the host platform is not hacked.

  • Provides restricted access to the stored secrets (keys).

  • Stores data that is not secret such as public keys used for platform identity. You cannot change the public keys without authorization.

  • Creates and manages a TPM key used to sign the evidence

Related Documentation